serisec

Category: Windows

  • Microsoft Strengthens Outlook’s Email Ecosystem to Protect Inboxes

    Microsoft Strengthens Outlook’s Email Ecosystem to Protect Inboxes Microsoft Outlook will enforce stricter authentication requirements for high-volume senders, impacting domains that send over 5,000 emails daily. These changes, which will take effect on May 5, 2025, aim to enhance inbox protection and maintain trust in digital communication. Outlook’s updated policy will mandate compliance with SPF…

  • Microsoft Celebrates 50th Anniversary!

    Microsoft Celebrates 50th Anniversary! Microsoft celebrated its 50th anniversary on April 4, 2025, reflecting on its journey since Bill Gates and Paul Allen founded the company in 1975. The milestone event, held at Microsoft’s Redmond, Washington headquarters, blended nostalgia with cutting-edge AI advancements, particularly through its Copilot platform, while highlighting the transformative role of technology…

  • New Windows 0-Day Vulnerability Let Remote Attackers Steal NTLM Credentials – Unofficial Patch

    New Windows 0-Day Vulnerability Let Remote Attackers Steal NTLM Credentials – Unofficial Patch A critical vulnerability affecting all Windows operating systems from Windows 7 and Server 2008 R2 through the latest Windows 11 v24H2 and Server 2025.  This zero-day flaw enables attackers to capture users’ NTLM authentication credentials simply by having them view a malicious…

  • Microsoft Windows File Explorer Vulnerability Let Attackers Perform Network Spoofing – PoC Released

    Microsoft Windows File Explorer Vulnerability Let Attackers Perform Network Spoofing – PoC Released A critical vulnerability in Windows File Explorer, identified as CVE-2025-24071, enables attackers to steal NTLM hashed passwords without any user interaction beyond simply extracting a compressed file.  Security researchers have released a proof-of-concept exploit demonstrating this high-severity flaw, which Microsoft patched in…

  • CISA Warns of Microsoft Windows Management Console (MMC) Vulnerability Exploited in Wild

    CISA Warns of Microsoft Windows Management Console (MMC) Vulnerability Exploited in Wild The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding an actively exploited vulnerability in Microsoft Windows Management Console (MMC), tracked as CVE-2025-26633.  This improper neutralization flaw (CWE-707) enables remote attackers to execute arbitrary code over a network, posing significant…

  • 0-Day Vulnerabilities in Microsoft Sysinternals Tools Allow Attackers To Launch DLL Injection Attacks on Windows

    0-Day Vulnerabilities in Microsoft Sysinternals Tools Allow Attackers To Launch DLL Injection Attacks on Windows A critical 0-Day vulnerability has been identified in nearly all Microsoft Sysinternals tools, presenting a significant risk to IT administrators and developers who rely on these utilities for system analysis and troubleshooting. This vulnerability, outlining how attackers can exploit DLL injection…

  • New Attack Technique to Bypassing EDR as Low Privileged Standard User

    New Attack Technique to Bypassing EDR as Low Privileged Standard User A new cyberattack technique has emerged, enabling attackers to bypass Endpoint Detection and Response (EDR) systems while operating under a low-privileged standard user account.  Traditionally, EDR evasion requires elevated privileges, such as administrative or system-level access.  However, this innovative approach leverages masquerading and path…

  • Akira’s New Linux Ransomware Attacking VMware ESXi Servers

    Akira’s New Linux Ransomware Attacking VMware ESXi Servers The Akira ransomware group, a prominent player in the Ransomware-as-a-Service (RaaS) domain since March 2023, has intensified its operations with a new Linux variant targeting VMware ESXi servers. Initially focused on Windows systems, Akira expanded its scope in April 2023 by deploying a Linux-based encryptor specifically designed…

  • Smashing Security podcast #399: Honey in hot water, and reset your devices

    Smashing Security podcast #399: Honey in hot water, and reset your devices Ever wonder how those “free” browser extensions that promise to save you money actually work? We dive deep into the controversial world of Honey, the coupon-finding tool owned by PayPal, and uncover a scheme that might be leaving you with less savings and…

  • December Patch Tuesday arrives bearing 71 gifts

    December Patch Tuesday arrives bearing 71 gifts Seventeen Critical-severity CVEs ready to deck your halls; also, new blog guidance for Windows Server admins Angela Gunn Go to sophos